Evaluation Errors?

I have EPMF setup and it seems to be working pretty well, but I'm not seeing evaluation errors reported correctly. I had a few SQL 2000 servers that I forgot to add the sqlaccount service account to and the powershell job wasn't able to connect to
them. They didn't show up in the evaluation results of the report but the evaluation errors link still lists "0".

After looking a little closer at the powershell job, I see that all the results, (including connection failures), were put into the PolicyHistory table and the EvaluationErrorHistory table is empty. Should these have gone into EvaluationErrorHistory?
Any suggestions on how to troubleshoot this?

This is interesting. Typically, all connection failures are put into EvaluationErrorHistory. Is it possible that you were able to connect, but you were not able to execute any of the policies? In other words, you had rights to connect,
but did not have rights to see or do anything?

I am updating the framework, and am working out some of the bugs with how errors are posted and evaluated. I have not seen issues with connection failures writing to the PolicyHistory table, but I have found some other inconsistencies with how the
errors are reported. I hope to have a new version of the framework available in the next 2 weeks, and this should make error reporting much better.

The account was not able to connect at all. Here's a sample of the failure XML that is going into the PolicyHistory table. There's a message "Login failed for user 'DOMAIN\sqluser'" in the middle of the XML. (note, I removed
our exact server and account names)

PS - The same thing happens if I register a bogus server name. In this case I registerd "asdfgsdf" as a server, (not a real server in our network). The message below was part of the XML that was entered into PolicyHistory...

System.Data.SqlClient.SqlException: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured
to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)<?

The root issue is that the errors are written but not surfacing through the error views, correct? I have the resolution of this issue and am testing the new version at this time. The next version will correctly enumerate all errors. In
the meantime, are you able to query the PolicyHistory table for errors using the following:

I'm not sure if this is a view problem or a powershell problem. The issue I noticed is the results of connection failures are just being put into the policy.PolicyHistory table. The table EvaluationErrorHistory is empty. When a connection failure
happens, it doesn't look like this portion of the powershell script ever runs...

tting a ton of evaluation errors. Many more than I would expect. One of the most prevalent is in regards to the Password Expiration and Password Policy. This example is run against a SQL Server
9.0.3077. It’s using an account with SYSADMIN and a local admin on the server. The OS is WIN2K3 R2 64-bit. Any known issues with these two. The error is below and is the same on most.

Hello Eddie. It looks like you need to update your policy to filter the target logins to SQL logins only. Based on the error you supplied, the policy is failing to evaluate the BUILTIN/Administrator, and the PasswordPolicyEnforced setting is
only available on SQL logins. I hope this helps!